Microsoft has identified a security flaw in macOS which was corrected by Apple with macOS 12.1 (released in release mid-December). The vulnerability, dubbed “Powerdir”, allowed a villain to bypass protections in the technology of transparency, consent and control (TCC) of the operating system, introduced in 2012 with OS X Mountain Lion.
TCC was developed to help users configure permission settings for macOS software (access to webcam, microphone, location data). Apple has built in a mechanism that prevents the execution of arbitrary code, and has reinforced this policy by restricting TCC access to only apps with full disk access.
However, Microsoft security researchers have pinpointed a flaw that allows malicious data to be injected into the TCC database, which stores software queries. In this way, a robber is able to orchestrate an attack based on the user’s personal data. A hacker could thus access the microphone to record private conversations, or take screenshots of sensitive information.
The vulnerability, identified CVE-2021-30970, was therefore plugged with macOS 12.1, which we can only recommend to install quickly.